CVE-2019-14826
5.6
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
Summary
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | ipa | FreeIPA versions 4.5.0 and later | affected |
Weaknesses
- CWE-613: CWE-613
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.